Power to grant authorisations

Investigatory Powers Bill – in a Public Bill Committee am 3:00 pm ar 14 Ebrill 2016.

Danfonwch hysbysiad imi am ddadleuon fel hyn

Question proposed, That the clause stand part of the Bill.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office) 3:15, 14 Ebrill 2016

I beg to move amendment 118, in clause 53, page 42, line 14, leave out subsection (1) and insert—

“(1) A Judicial Commissioner may grant a communications data access warrant where the judicial commissioner considers—

(a) that it is necessary to obtain the data for the purposes of a specific investigation or a specific operation, and

(b) that the conduct authorised by the warrant is proportionate to what is sought to be achieved.

(1A) The grant of a warrant is subject to restrictions set out in the rest of this Part.”

Photo of Albert Owen Albert Owen Llafur, Ynys Môn

With this it will be convenient to discuss the following:

Amendment 125, in clause 53, page 42, line 25, at end insert—

“(1A) The Judicial Commissioner may grant a warrant on application from—

(a) an officer from a relevant public authority involved in the relevant investigation; or,

(b) an individual designated by the relevant public authority to make applications for warrants to the Judicial Commissioner.”

Amendment 126, in clause 53, page 42, line 25, at end insert—

“(1B) A warrant must—

(a) name or otherwise identify the person or persons, organisation, premises, or location to which the warrant relates; and

(b) describe the investigation or operation to which the warrant relates.”

Amendment 229, in clause 53, page 42, line 26, leave out from beginning to end of line and insert—

“A warrant granted by a judicial commissioner may authorise the applicant or a telecommunications operator to”.

Amendment 119, in clause 53, page 42, line 26, leave out “designated senior officer” and insert “warrant”.

Amendment 120, in clause 53, page 42, line 32, leave out subsection (3).

Amendment 121, in clause 53, page 43, line 4, leave out “authorisation” and insert “warrant”.

Amendment 122, in clause 53, page 43, line 14, leave out “authorisation” and insert “warrant”.

Amendment 123, in clause 53, page 43, line 16, leave out “authorisation” and insert “warrant”.

Amendment 124, in clause 53, page 43, line 25, leave out “authorisation” and insert “warrant”.

Amendment 130, in clause 55, page 45, line 15, leave out “authorisation” and insert “warrant”.

Amendment 128, in clause 55, page 45, line 16, leave out subsection (1)(a).

Amendment 132, in clause 55, page 45, leave out line 31.

Amendment 129, in clause 55, page 45, line 37, leave out subsection (4).

Amendment 133, in clause 57, page 46, line 20, leave out “authorisation” and insert “warrant”.

Amendment 134, in clause 57, page 46, line 24, leave out “authorisation” and insert “warrant”.

Amendment 146, in clause 72, page 57, line 27, leave out from “by” to “and” in line 29 and insert “a warrant”.

Amendment 147, in clause 72, page 57, line 30, leave out “authorisation or notice” and insert “warrant”.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

We are now moving to a different part of the Bill and to a very important provision. I apologise if take some time, but we are moving to a significant set of matters that need to be considered together. The amendments to clause 53 have to be seen in context, and the context is the retention powers later in the Bill, which I will highlight in a moment.

I want to put the position of the Labour party on this and other provisions clearly on the record. It is accepted that there are circumstances in which it is necessary to retain or obtain the data of individuals who are not necessarily targets themselves, so that at a later stage that data can be accessed for a specific purpose or reason—so have a broad retention power and then a much more narrowly defined access provision. Clause 53 is the access provision. The retention provision is clause 78 and I direct the Committee’s attention to that clause because that is where this all starts.

Under clause 78 the Secretary of State can require “relevant communications data” to be retained by “any description of operators”, and she can require the retention of

“all data or any description of data” so long as they come within

“one…of the purposes falling within paragraphs (a) to (j) of section 53(7)”.

The Secretary of State’s very wide retention power is exercised by issuing a notice, the effect of which is to require the retention of potentially wide-ranging and extensive data for 12 months. That is an extensive retention provision. There is some provision for filtering the data, but the power to access the data is in clause 53.

On the face of it, the retention powers are quite wide and will necessarily involve retaining data of individuals who are not targets or subjects, never will be and were never intended to be—in fact, all of our data, in many respects. Our long-standing position is that to justify that potentially very wide power, which is a serious cause for concern to many people, it is critical that at the point of access there is a clearly defined and high threshold and clear safeguards. In other words, if one collects a lot of data, at the point of accessing it one must go through a much more rigorous set of preconditions with effective safeguards. Clause 53 allows such access.

On clause 53(1), the first thing to be observed is the person who is to grant authorisation—the holder of the keys to the gateway—to allow any of the activities in subsection (2), engaging in conduct

“for the purpose of obtaining the data from any person”,

and further action under subsection (4), is not the Secretary of State or a judicial commissioner, but a “designated senior officer” of a relevant public authority. That is an immediate cause for concern. There is a very wide power to retain, so it is necessary to have really strict preconditions before access, and the keys are held by a designated senior officer—nobody of higher rank than that.

To understand what that means, I direct Members’ attention to schedule 4, although I should perhaps go via clauses 61 to 64, which make further provision in relation to relevant public authorities and designated senior officers. The question is: who is a designated senior officer and what are the public authorities concerned? For that, we go to schedule 4 on page 204, where there is a long list of the public authorities and designated officers who can access the relevant data.

There we see some familiar bodies that one would expect to find in such a schedule, but running one’s eye down the list brings one to the Royal Navy Police, the Royal Military Police, and, further down, the Department of Health. Across the page are the Ministry of Justice, the Department for Transport, the Competition and Markets Authority, and the Criminal Cases Review Commission. I will pause there. In the Criminal Cases Review Commission, the person who can authorise access to data is an investigations adviser. With all due respect to the investigations advisers in the CCRC, that is a very low level of authorisation to access or obtain data that has been retained.

There are other examples. In the Financial Conduct Authority, any head of department in the enforcement and market oversight division has authorisation. Over the page, in a fire and rescue authority the watch manager provides authorisation, and in the Food Standards Agency it is a grade 6 employee. The Gambling Commission can access data under this provision, as long as a senior manager says so. These are really worrying levels of authorisation in relation to personal data: a senior manager in the Gambling Commission has the role of deciding whether your data or mine can be accessed. Dropping down the page, in a national health service trust it is the director of operations, or a control and communications manager, or the duty manager in ambulance trust control rooms who can authorise access to the relevant data, and so on and so forth. In the Office of Communications, it is the senior associate.

The first thing that is striking about clause 53 is the insufficiently senior level at which authorisation may be granted. Access may be authorised if

“a designated senior officer of a relevant public authority” thinks

“that it is necessary to obtain communications data for a purpose falling within subsection (7)” and that it is relevant for

“a specific investigation or a specific operation or…testing…The designated senior officer may authorise any officer of the authority to engage in any conduct which…is for the purpose of obtaining the data from any person”,

and so on. That is a real concern. Will the Solicitor General explain why it is thought appropriate to drop from what until now have been quite high levels of authorisation and scrutiny, with strict tests, right down to

“a designated senior officer of a relevant public authority”?

I have dealt with who can authorise access; let me turn now to the purpose of gaining access. What is it that the designated senior officer has to be satisfied about? That takes us straight to clause 53(7), which states that

“It is necessary and proportionate to obtain communications data for a purpose falling within this subsection if it is necessary and proportionate to obtain the data—”

Before I go down the list that follows in clause 53(7), I remind the Committee that the case involving David Davis, Tom Watson and others is before the Court of Appeal. We do not know the outcome of that case. Of course, it does not relate to these provisions, because they are not in force, but it relates to provisions that are not dissimilar to these. The question that arises in that case is: what is the true interpretation and effect of the Digital Rights Ireland case, in which it was found that one of the EU directives was invalid? The question before the Court of Appeal, which was critical to the European Court’s analysis in the Digital Rights Ireland case, is whether a regime for retention of data—a regime similar to the regime in the Bill—requires safeguards. The two safeguards in the Digital Rights Ireland case of most relevance to this clause are the safeguard that there must be a serious offence threshold for access and the requirement that there must be prior judicial oversight.

I am aware of the submissions and counter-submissions in that case on how those safeguards apply—whether they apply generally across the piece or whether they are case-specific. I am aware of what the divisional court said and what the Court of Appeal has said so far. In addition, I recognise that it would not be right for me to say that on the analysis of the Court of Appeal so far it is established that it is a precondition that the threshold must be a serious offence or that there must be prior judicial oversight. I do not advance an argument on that basis, because any fair reading of the Court of Appeal does not allow me to do so, and I do not do so. However, what it does is set up a challenge, which is what all of the courts have been concerned with in the Tom Watson and David Davis case, namely whether the safeguards are sufficiently rigorous and strict. The question is whether they have to be those particular safeguards or whether other safeguards could achieve the same balance.

I say that because if we now look at subsection (7), it becomes clear that it is a very long way removed from anything that could be called a serious offence threshold for accessing communications data. Paragraph (a) states that the data can be obtained

“in the interests of national security”.

That is familiar, and we have come across it already in our deliberations. Paragraph (b) states that the data can be obtained

“for the purpose of preventing or detecting crime or of preventing disorder”.

There, for the first time in the Bill, the word “serious” is gone; there is no “serious” threshold. Access to communications data by the designated senior officer is permitted if it is necessary for preventing or detecting any crime, with no threshold, and for preventing disorder. The most petty crime therefore comes within paragraph (b); there is simply no threshold. I am not making the point that it is a requirement under the Court of Appeal ruling so far—it is not final—that the crime must be serious, but to have no threshold at all for the crime in subsection (7)(b) is surprising, to say the least. We then have our old friend in the next paragraph:

“the interests of …economic well-being”.

Photo of Joanna Cherry Joanna Cherry Shadow SNP Westminster Group Leader (Justice and Home Affairs) 3:30, 14 Ebrill 2016

Where we have encountered the phrase “economic wellbeing of the UK” before, there has been another subsection to say that that only applies to persons outside the British islands, but there is no such corollary in clause 53. Does the hon. and learned Gentleman agree that that is worrying? If I am wrong, no doubt I will be corrected by the Government.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

I am grateful for that intervention. If the Solicitor General can point to such a provision, I would be interested to see it. On the face of it, the clause allows designated senior officers within a public authority to obtain communications data in the interests of the economic wellbeing of the UK without that further qualification.

Subsection (7) then states that data can be obtained

“in the interests of public safety…for the purpose of protecting public health” or,

“for the purpose of assessing or collecting any tax”.

We then come to paragraph (g), on which I want to spend some time. It states that data can be obtained

“for the purpose of preventing death”— that would obviously be a high threshold—

“or injury or any damage to a person’s physical or mental health, or of mitigating any injury or damage to a person’s physical or mental health”.

The threshold is way, way down. There are many ways in which a person’s physical or mental health could be damaged. The Bill, if passed, will authorise access to communications data without any threshold as to the level of damage or injury.

Photo of Suella Fernandes Suella Fernandes Ceidwadwyr, Fareham

I appreciate the hon. and learned Gentleman’s analysis, but does he agree that obtaining communications data is one of the less intrusive powers contained in the legislation, but such data are very helpful for setting the scene and planting the seed for investigations? That has to be borne in mind when looking at the authorisation regime, because this is different from other powers.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

Let me take that in stages. I accept that accessing communications data is in a different category and order from, say, the interception of the contents of communications. I also accept the proposition that communications data are used in many cases involving serious crime. I will go further than that: it is rarely possible to bring and to conclude cases of serious criminality without reliance on communications data. I have no in-principle objection to communications data being made available and being used. My concern is the very low level of sign-off required to access those data and the lack of any meaningful threshold in subsection (7); there simply is not one. Whether or not a meaningful threshold is achieved by the insertion of the word “serious”, as I propose in my amendment, or some other word, if we simply say that it could be necessary and proportionate to access communications data to prevent any crime or damage, we are proceeding on a basis for which it is very hard to think of any circumstances in which it would be difficult or impossible to justify obtaining communications data. It just is not a set of thresholds.

Dealing with miscarriages of justice and situations in which a person has died and so on, and

“for the purpose of exercising functions” are listed in the subsequent paragraphs. My central point is obvious but important. I realise how necessity and proportionality apply, but on any reading of subsection (7) there is no threshold. I think there is a risk for the Government here. I appreciate the direction of travel of the Court of Appeal, but does anybody seriously think that the jurisprudence is not going to develop to a point where there is a threshold that is thought to be appropriate? It is one thing to say that we do not necessarily have to have a threshold of serious crime, but to go from that to saying that we do not have to have any threshold at all is to invite problems, if these provisions are passed.

Photo of Suella Fernandes Suella Fernandes Ceidwadwyr, Fareham

It appears that the hon. and learned Gentleman is dismissing the necessary hurdles of necessity and proportionality in satisfying the tests. They are obviously going to relate to and be thresholds, so is it not wrong to say that there is no threshold in the clause?

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

I appreciate that the necessity and proportionality test has to be applied—in any given case there will always be an argument about whether it is necessary and proportionate—but as ever with necessity and proportionality the question is: what are we assessing necessity against and how are we arguing that it is proportionate? Is it necessary to do what? We get that only from the face of the statute. In other words, necessity does not give us anything unless we have some subject matter that it bites on, which is why the subject matter that it bites on is so important. Whether it is necessary for serious crime is one question; whether it is necessary for crime is another.

There are many, many things that one could say were necessary to prevent or detect crime. I absolutely accept that in practice those two tests are applied at all times, but the question is: what are they applied to? The question that the designated senior officer has to ask him or herself is: “Am I satisfied that it is necessary to prevent crime?” That would be good enough under the clause. It is, in principle, an inadequate threshold. I also think it will invite challenge in due course, because I do not think for one moment that, in the long run, the European Court and our courts are going to be satisfied with a scheme that does not have any threshold, even though there will be and are arguments about the precise threshold. We can see what the divisional court said in the Tom Watson case, so it is not just counsel’s argument that was never accepted by anybody. In that case in the divisional court, counsel’s argument that the serious crime threshold was an important safeguard was accepted. Thankfully, the writing is therefore on the wall if the clause is not taken back and reconsidered.

I shall move on to the second “who”. The first “who” I focused on was who can issue the necessary authorisation, which is the designated senior officer. Under clause 53(2), that person can

“authorise any officer of the authority to engage in any conduct”.

It goes from a relatively low-level authorisation to somebody even further down in the authority having to get on with the job of obtaining data.

The breadth of what can be done is outlined in clause 53(5), which states:

“An authorisation…may relate to data whether or not in existence at the time…may authorise the obtaining or disclosure of data by a person who is not an authorised officer, or any other conduct by such a person, which enables or facilitates the obtaining of the communications data”— so it goes beyond the specific authorisation to the facilitation—

“and…may, in particular, require a telecommunications operator who controls or provides a telecommunication system to obtain or disclose data relating to the use of a telecommunications service provided by another telecommunications operator in relation to that system.”

It is a very broad provision.

That enables us to see the amendments in their proper context. There are three categories of amendment. The first category is to be taken as a set and would insert some rigour and independence into the process by requiring judicial commissioners to sign off the necessary authorisations. The second set of amendments, which we will come to in due course, seeks to amend the threshold to provide a meaningful threshold for the judicial commissioner. To call clause 53 as drafted a set of safeguards is to mis-describe the words on the page.

Photo of Robert Buckland Robert Buckland The Solicitor-General

It is with this amendment, I am afraid, that we have a strong disagreement. To say that there are no thresholds is a misrepresentation of the situation. Putting it bluntly, the Government’s worry is that creating a serious crime threshold will miss a whole panoply of crimes that are extremely serious to victims. I am thinking in particular about crimes relating to harassment, stalking and other types of offences that would not fall within the threshold of serious criminality.

It is important that we couch our remarks carefully—the hon. and learned Gentleman has tried to do that, and I respect him for it. We are not talking about targeted interception here; we are talking about the retention of evidential leads—information that could, not of itself build a case, but which, in combination with other material, could allow investigators to build a case against a suspect. The analogy is with existing comms data, namely telephonic records and mobile phone records—the sort of material that he, I and others on the Committee have regular use and an understanding of, as prescribed by the RIPA regime. We are all familiar with it. The difficulty is that, as the days go by, the reliance by criminals on conventional methods of telecommunication changes.

The old system, where the SMS message would be the way things would be done, is increasingly falling into disuse. WhatsApp, internet chat forums and all sorts of encrypted means of communication are now being used. There is no doubt that the ability of the agencies—the security and intelligence agencies, the police and other agencies—to obtain even those evidential threads is therefore becoming more difficult. We are not talking about content, nor should we be. I draw an analogy with the sort of drugs observance case where the police officers can see people coming and going from a house that is of interest, but cannot see what is going on inside that house. That is what we are talking about here. Adopting these amendments would be entirely the wrong step to take.

Photo of Joanna Cherry Joanna Cherry Shadow SNP Westminster Group Leader (Justice and Home Affairs)

It is interesting that the Solicitor General chooses the example of surveillance in a drugs operation to tell us what we are talking about. That would be a serious crime, but as the shadow Minister has drawn attention to, clause 53(7) allows authorisations to obtain data not just for serious crimes, but for a whole plethora of things, including protecting public health, taxes, duties, levies and so on. Notwithstanding his opening comments, does he not accept that it is telling that the example he chooses is one of serious crime?

Photo of Robert Buckland Robert Buckland The Solicitor-General

Not all drugs supply is necessarily serious. We might be talking about a particular class of drugs, which might not qualify within the criteria. Is the hon. and learned Lady seriously suggesting that we should not have the capability to draw evidential leads on cases of harassment, stalking or other offences that we all know are a particular problem when it comes to the abuse of victims?

Photo of Joanna Cherry Joanna Cherry Shadow SNP Westminster Group Leader (Justice and Home Affairs)

Stalking is, in my respectful submission, a serious crime. The thrust of these amendments is that the authorisation should be for serious crime, and by a judge.

Photo of Robert Buckland Robert Buckland The Solicitor-General

The hon. and learned Lady wants to have her cake and eat it. The hon. and learned Member for Holborn and St Pancras said he wants a much higher threshold. I am sorry, but we cannot play around with this. The Committee is dancing dangerously on the edge if it seeks, in an ad hoc way, to try to subjectively define what serious crime is.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office) 3:45, 14 Ebrill 2016

I want to be clear with the Committee. In fairness to the Solicitor General, I can see the argument that, for harassment, there can be serious consequences for the individual. I had to deal with a number people in that situation and I do not underestimate for a moment the serious consequence that a series of minor actions can have. I do not think that necessarily means that we cannot have a serious crime threshold. I would be willing to work on what that threshold would look like, but I should not be taken as thinking that harassment, for example, cannot have serious consequences.

Photo of Robert Buckland Robert Buckland The Solicitor-General

I am grateful to the hon. and learned Gentleman for that concession. It is important and it is not straightforward, and that is why I am afraid, as currently constructed, these amendments are deficient.

If I can develop my argument, I would like to give an example from Gwent police—a force that I know very well and have prosecuted on behalf of for the Gwent CPS on many occasions. Last November, a female victim returning home from a night out was approached by an unknown male who proceeded to sexually assault her. As a result of her cries, two witnesses approached and, thankfully, the male fled the scene before the offence was completed, serious though it was. An urgent press release was issued, along with CCTV footage of the offender. As a result, a member of the public called the police stating that she recognised the offender, who had given her his number. Investigators acquired subscriber data on that number and identified a suspect, who was subsequently arrested. In court, the offender pleaded guilty and received a 12-week prison sentence that was suspended for 12 months, and was placed on the sex offenders register for five years. I think we would all agree that that sounds very serious.

Photo of Robert Buckland Robert Buckland The Solicitor-General

But is it? We have got to be absolutely clear. None of us would want that type of offence to fall outwith any of the criteria in these provisions—I am sure that would be the case.

Photo of Peter Kyle Peter Kyle Llafur, Hove

Proportionality was a central part of the discussion on Second Reading, and we received many reassurances from the Government. My hon. and learned Friend the Member for Holborn and St Pancras has made a powerful point about the use of these powers in minor crimes. The Bill lowers the threshold to

“damage to a person’s physical or mental health” or the potential thereof. Will the Minister tell us what crime or potential crime does not pose damage to a person’s physical or mental health, or have the potential thereof?

Photo of Robert Buckland Robert Buckland The Solicitor-General

Of course, there are plenty of offences that do not involve violence or the threat of violence, such as fraud, although I understand that the potential consequences of some fraud can cause stress. May I reassure him that the test of necessity and proportionality in clause 53(7) remains very much at the centre of everything? I would not want him to be misled into thinking, as has perhaps been suggested by some of his Front Bench colleagues, that this is a free-for-all; far from it.

Photo of Robert Buckland Robert Buckland The Solicitor-General

No, because I want to develop the argument. It is vital that we look at the underpinning of all this. None of the three reports that informed the drawing up of the Bill, nor the three reports arising from the pre-legislative scrutiny of the draft Bill, recommended any changes whatever to the authorisation regime for communications data. For example, David Anderson, QC, recommends authorisation of the acquisition of communications data by a designated person in a public authority. RUSI recommended:

“For the acquisition of communications data otherwise than in bulk, an authorisation by the relevant public authority. Communications data should only be acquired after the authorisation is granted by a designated person.”

Prior to that, the report from the Joint Scrutiny Committee on the draft Communications Data Bill 2012 looked into the authorisation regime in depth and concluded that it was indeed the right model.

I entirely accept that anything that can sensibly be done to improve the already strongly regulated regime should be done. That is precisely why we have, for instance, provided for a new criminal offence that applies to persons in public authorities who knowingly or recklessly obtain communications data from a communications service provider without lawful authority. We have made the highly regarded SPOC—single point of contact—regime, which provides expert advice and guidance to authorising officers, a mandatory requirement in the Bill.

Photo of Lucy Frazer Lucy Frazer Ceidwadwyr, South East Cambridgeshire

Does the Solicitor General think that one of the reasons that David Anderson supported these clauses is the benefit of communications data in Operation Magpie, to which he refers specifically in his report, when Cambridgeshire County Council protected more than 100 elderly and vulnerable persons from attempts to defraud them by using communications data powers?

Photo of Robert Buckland Robert Buckland The Solicitor-General

I am grateful for that powerful example provided by my hon. and learned Friend.

It is important to note that in the report on the draft Bill—I am looking at paragraph 11 of the summary of conclusions and recommendations—the Joint Committee stated:

“We believe that law enforcement should be able to apply for all types of communications data for the purposes of ‘saving life’. We recommend that the Home Office should undertake further consultation with law enforcement to determine”— the report then makes references to various things in the draft Bill that would not necessarily not read over to the Bill that is before the Committee.

The point I am seeking to make, in the round, is that we have a tried and tested system, which is being replicated—indeed, enhanced—by the Bill, that deals with a very large number of applications. According to the latest annual report by the interception of communications commissioner, in 2013 there were 517,236 authorisations and notices for communications data in total. That contrasts that with warrantry and intrusive and limited interception of communications—in the same period, there were 2,795—so we are talking about a very different set of parameters, with a large volume of requests. My worry is that, however well-intentioned the amendment is, it is wholly unrealistic when it comes to fighting crime.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

I rise only because this is an important point about how the powers will come to be exercised. It is of course possible to say that the precise wording of the amendment might not work in certain circumstances—all but sentences of 10 weeks or less are serious cases, and so on—but I do not want us to miss the point. The challenge to the Solicitor General is that there is no threshold. It is perfectly all right to say that the amendment does not necessarily achieve in precise terms the right level of seriousness, but it is not right simply to push back at the notion that there must be some threshold in the measure that is meaningful, which at the moment there is not.

Photo of Robert Buckland Robert Buckland The Solicitor-General

I hear what the hon. and learned Gentleman says, but I do not agree with him about the threshold. It is set out in subsection (7). I can give another example: what about a missing person inquiry? We would not know whether it was a crime; it might well be a young person who has run away. We all have some direct or indirect experience of that.

I will address the point, but I have to be careful, because the case to which the hon. and learned Gentleman has referred is sub judice. I do not disagree with any of his characterisation, by the way, and of course I have read with care the Court of Appeal judgment of Lord Justice Lloyd Jones, but the hearing in the Court of Justice of the European Union is this week, I think. We will have to see how that develops.

I am very conscious of how case law develops in this area, and I am mindful of it, bearing in mind my duty as a Law Officer to uphold the rule of law. I am sure the hon. and learned Gentleman understands that, but where we are is in a sensible place. My worry is that if we start to get too restrictive, we will in effect end up in a position in which many serious matters—matters that are serious to the victim, but might not be serious according to other criteria—are lost or missed.

I have already mentioned necessity and proportionality. I should also pray in aid the fact that there will have to be compliance with a detailed code of practice and independent oversight and inspection of the regime by a senior judge, currently the Interception of Communications Commissioner. The current internal authorisation regime is working well. No deliberate abuse of it has been identified in any ICC reports, which speaks volumes for the integrity of the current system.

Photo of Joanna Cherry Joanna Cherry Shadow SNP Westminster Group Leader (Justice and Home Affairs)

Will the Solicitor General accept that there have been severe concerns lately about what turned out to be rather destructive surveillance activities by the Metropolitan police in relation to covert human intelligence sources? Does he agree that it is highly unlikely that such practices would have occurred if there had been a system of prior judicial authorisation, rather than internal authorisations?

Photo of Robert Buckland Robert Buckland The Solicitor-General

The hon. and learned Lady knows, of course, that that matter is now being investigated, in an inquiry led by Lord Justice Pitchford. I am not saying that she is not entitled to mention it, but it really is a different set of circumstances. That particular means—the covert use of human intelligence sources—is not what we are talking about, with the greatest respect. We are talking about ensuring that authorities prescribed by statute have the capability to continue finding the sorts of evidential lead that until now have been almost exclusively the province of conventional telecommunications.

Photo of Joanna Cherry Joanna Cherry Shadow SNP Westminster Group Leader (Justice and Home Affairs)

Perhaps I can put another example to the Solicitor General. Towards the end of last year, it was revealed that, due to what a judge labelled systemic internal failings in how the National Crime Agency applied for a warrant, a number of trials were at risk of collapse. Earlier in the year, Mr Justice Hickinbottom lamented what he called an

“egregious disregard for constitutional safeguards”

within the NCA, in the case of Chatwani and others v. the National Crime Agency and others. Those are examples of where the system is not working.

Photo of Robert Buckland Robert Buckland The Solicitor-General

I am familiar with what the hon. and learned Lady is talking about, but again, that involves a particular failure by the NCA on warrantry. Here we are talking about various agencies’ abilities. With respect to her, it is not the same. We are discussing a different regime. Tempting though it is to read over, that would be to frustrate the important work of many law, detection and investigative agencies in our country.

I do not see the purposes within the Bill as inconsistent in any way with the purposes set out in the exemptions from and limitations of the right to privacy in article 8.2 of the European convention on human rights. There has never been a serious crime threshold for the acquisition of communications data. No such limit is placed in article 8.2, which is why the Government’s position on this issue—I will not mention the case—is legally respectable and sustainable. That is why the provisions in the clause meet the challenge that faces the agencies in a way that is proportionate and necessary, and that keeps pace with the breathtaking rate of change of technology being taken advantage of by many people of good will, but also by people of less than good will. For that reason, I ask that the amendment be withdrawn.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

I will not repeat the concerns that we raised. Proceeding with a clause that has no seriousness threshold, however expressed, is fraught with difficulties, but the Minister has indicated that he will consider some of the issues and I want to reserve this issue for a later stage, so I beg to ask leave to withdraw the amendment.

Amendment, by leave, withdrawn.

Photo of Joanna Cherry Joanna Cherry Shadow SNP Westminster Group Leader (Justice and Home Affairs) 4:00, 14 Ebrill 2016

I beg to move amendment 228, in clause 53, page 42, line 21, leave out subsection (1)(b)(ii).

Photo of Albert Owen Albert Owen Llafur, Ynys Môn

With this it will be convenient to discuss the following:

Amendment 231, in clause 53, page 43, line 5, leave out subsection (4)(d).

These amendments to Clause 53 provide that in order to access communications data, a relevant public authority must seek a warrant from a Judicial Commissioner rather than undertake a system of internal authorisation. These amendments also provide for warrants to authorise conduct of a relevant public authority and require steps be taken by a telecommunications operator, removing the need for separate “authorisations” to public authorities and “authorisation notices” to telecommunications operators.

Amendment 131, in clause 55, page 45, line 24, leave out subsection (2).

Photo of Joanna Cherry Joanna Cherry Shadow SNP Westminster Group Leader (Justice and Home Affairs)

I am very much in agreement with everything that the hon. and learned Gentleman said on the last group. The Scottish National party’s position is that access to communications data should be by means of a judicial warrant. We share the concerns that he articulated about the lack of a proper threshold in clause 53(7). I do not intend to press these amendments to a vote. I associate myself with the learned Gentleman’s position, and I reserve my position on this matter for a later stage. This is an absolutely crucial clause, and it is extremely concerning, as he said, that there is no proper threshold in it.

Photo of Robert Buckland Robert Buckland The Solicitor-General

I am grateful to the hon. and learned Lady for her succinct remarks. I will simply make the following observations about her amendment. It would remove the ability of the relevant public authorities to apply for communications data authorisation to test equipment or for technology development purposes. It is vital that those who are authorised to acquire communications data are able to test existing systems and to assist the development of new equipment or systems. Without that ability, we will not know whether the equipment will provide the required information in a real-life investigation, and nor will we be able to fix errors in systems where they are detected. We fear that that could have a seriously detrimental effect on our law enforcement agencies’ ability to prevent and detect crime and may lead to mistakes, which are in nobody’s interest—least of all that of the public, whom we serve. Therefore, this is a vital further safeguard. With respect, we are somewhat puzzled about why the amendment was tabled, but we heard the hon. and learned Lady and we respect her position. For those reasons, we oppose the amendment.

Amendment, by leave, withdrawn.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

I beg to move amendment 110, in clause 53, page 43, line 39, after “detecting”, insert “serious”.

Photo of Albert Owen Albert Owen Llafur, Ynys Môn

With this it will be convenient to discuss the following:

Amendment 109, in clause 53, page 43, line 39, leave out “or of preventing disorder”.

Amendment 111, in clause 53, page 43, line 40, at end insert

“which includes to assist in investigations into alleged miscarriages of justice”.

Amendment 112, in clause 53, page 43, line 41, leave out subsections (7)(c) to (f).

Amendment 114, in clause 53, page 44, line 1, after first “or”, insert “serious”.

Amendment 115, in clause 53, page 44, line 1, after “any”, insert “serious”.

Amendment 116, in clause 53, page 44, line 2, after “any”, insert “serious”.

Amendment 117, in clause 53, page 44, line 3, at beginning insert “serious”.

Amendment 113, in clause 53, page 44, line 5, leave out subsections (7)(i) and (j).

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

I have covered my concerns that relate to these amendments, and the Solicitor General has dealt with them in his submissions. For the same reasons as on the first group of amendments, I want to take this matter away and I reserve my position. I beg to ask leave to withdraw the amendment.

Amendment, by leave, withdrawn.

Clause 53 ordered to stand part of the Bill.

Clause 54

Additional restrictions on grant of authorisations

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

I beg to move amendment 127, in clause 54, page 44, line 20, leave out subsections (1), (2) and (3).

This is formally my amendment and therefore my embarrassment, because I do not think it achieves its intended purpose. I do not intend to press it to a vote. When I looked at it again in the early hours of this morning, I could see that it does not achieve whatever I hoped to achieve.

Photo of John Hayes John Hayes Minister of State (Home Office) (Security)

I wish to put on the record that I think the hon. and learned Gentleman deserves a big mark for honesty.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

I will make such comments as I have during the clause stand part debate.

Photo of Robert Buckland Robert Buckland The Solicitor-General

I am grateful to the hon. and learned Gentleman. It was puzzling me, and he has solved the mystery. The amendment seemed to remove the safeguard, which I am sure he does not want to do.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

I beg to ask leave to withdraw the amendment.

Amendment, by leave, withdrawn.

Question proposed, That the clause stand part of the Bill.

Photo of Joanna Cherry Joanna Cherry Shadow SNP Westminster Group Leader (Justice and Home Affairs)

I do not oppose the removal of safeguards from the Bill. However, this is the first time that internet connection records have raised their head in the Bill and I feel compelled to foreshadow the more detailed arguments that will be made when we reach clause 78.

The collection of internet connection records is one of the fundamental changes that the Bill seeks to introduce, and subsections (4), (5) and (6) of the clause contain the first mention in the Bill of such records. I think that I am correct in saying that they are in fact only mentioned in one further clause—clause 78.

Clause 54(6) sets out to define an internet connection record but fails spectacularly to do so because of its widely-drawn language, which clearly attempts to cover every imaginable base. The Scottish National party understands that the police and other authorities need powers befitting the digital age but, as legislators, we cannot pass a clause with such a significant impact on civil liberties—on personal privacy—without a clear definition in the Bill.

The industry has made it clear that it is willing to work with the Government to try to help implement ICRs. The trouble is that the industry does not know what ICRs are—and it looks like the Government do not know either. I addressed that point in quite a lot of detail on Second Reading. It is interesting that the Internet Service Providers Association says:

“The Investigatory Powers Bill deals with highly complex technical matters, however, our members do not believe that complexity should lead to a Bill lacking in clarity.”

I very much associate myself with those comments.

We cannot legislate in a vacuum and if the Government cannot provide further detail and clarity so we all know what an internet connection record is and what we are legislating for, we will have no option but to try to remove the collection of such records from the Bill through our amendment to clause 78. But the Scottish National party objects to the inclusion of internet connection records not just because of the difficulty of defining them—in my speech on Second Reading, I suggested that they are not at all a sort of internet replication of a phone record, as the Home Secretary seemed to think they were—but because of their intrusiveness. They would provide a detailed record of every internet connection of every person in the UK over 12 months, with a log of websites visited, communications software used, systems updates downloaded, desktop widgets used and every mobile app used, and logs of any other device connected to the internet, such as games consoles or baby monitors. I said in that speech that that would be “fantastically intrusive” and I stand by that.

Law enforcement bodies can currently obtain similarly extensive internet connection data for specific surveillance targets in several ways. First, they can request that telecommunications operators in the future retain the data of specific targets. Secondly, they can request retrospective internet connection data on specific targets from operators who temporarily store such data for their own business purposes. Thirdly, if they are seeking to prevent or detect serious crime, they can request data or assistance from GCHQ, which has a remit to provide intelligence for those purposes. Intelligence sharing to tackle online child sexual exploitation will be fortified by the establishment in November last year of the National Crime Agency and GCHQ joint operations cell.

The Intelligence and Security Committee noted in recommendation I of its report on the draft Bill that the delivery of ICR proposals

“could be interpreted as being the only way in which Internet Connection Records may be obtained. However, this is misleading: the Agencies have told the Committee that they have a range of other capabilities which enable them to obtain equivalent data.”

The ISC recommended that the Bill be amended in the interests of transparency, but no transparency has been provided.

The Scottish National party believes that the case supporting this huge expansion of data collection by internet service providers and its benefit to law enforcement is deeply flawed and contradicted by the available evidence, and that it has been accurately described as overstated and misunderstood.

I reiterate that there are no other “Five Eyes” countries in which operators are or have been forced to retain similar internet connection data. In Europe, as we heard the Danish tried it and decided that it was not of any utility. They thought about trying it again recently, but decided not to repeat the experiment. David Anderson noted in his report “A Question of Trust”, on page 265, about the collection of that sort of internet connection data that

“Such obligations were not considered politically conceivable by my interlocutors in Germany, Canada or the US.”

He therefore said that a “high degree of caution” should be in order.

There is also a legal issue with the mooted collection of internet connection records, because in 2014 the Court of Justice of the European Union ruled in the Digital Rights Ireland case that indiscriminate collection and storage of communications data is a disproportionate interference with a citizen’s right to privacy. I therefore argue it is unacceptable that the Government are attempting to bypass that ruling to extend their policy of blanket data retention.

It will no doubt be argued that, provided there are sufficient safeguards, the Court’s concerns from that case do not apply. However, as we just heard, there are not independent safeguards because we do not have judicial authorisation for access to internet connection records. We have instead a long list of public officials who have access to such records through internal procedures. I want to make it clear that I do not seek to impugn the integrity of public officials, but the reality is that their primary concern will relate to the operational capacity of their agency. That is a perfectly understandable matter of organisational culture, but that is also a reality that mitigates in favour of independent third-party authorisation.

If we collect internet connection records, we face falling foul of European Union law. We will also face falling foul of European Union law if we collect them without proper independent authorisation. I oppose clause 54 because it is the first point at which internet connection records rear their head in the Bill and the Scottish National party is not convinced that the Government have made a case for internet connection records. We are not convinced that there are not alternative routes to get at the necessary information and we are concerned that the collection of such records will be in violation of the law and of civil liberties.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

We shall not seek to vote down the clause, but I want to raise some serious concerns about internet connection records because, as has been said, I think this the first time that they appear in the Bill. Subsection (6) is important because that provides the definition that

“‘internet connection record’ means communications data which…may be used to identify, or assist in identifying, a telecommunications service to which a communication is transmitted by means of a telecommunication system for the purpose of obtaining access to, or running, a computer file or computer program, and…comprises data generated or processed by a telecommunications operator in the process of supplying the telecommunications service to the sender of the communication”.

That is a wide definition. I listened carefully to the evidence of senior law enforcement officials about their ask on internet connection records, and they made it clear that they were concerned to have the who, the how, the when and the location.

I appreciate that there are other provisions—in fairness, I will come to those—but my concern is that that definition is much wider than their ask. That is important because subsection (4) deals with the point of access to internet connection records and what the designated senior officer can authorise. I accept that that subsection contains the restriction that internet connection records cannot be obtained or accessed unless one of the purposes identified is complied with—

“which person…which internet communications service…where or when”.

That has a resemblance to what senior law enforcement told us was their ask, but the problem is that the definition in subsection (4) is much wider. It might be asked whether that matters. Well, it does matter because clause 78—the retention clause—as we have observed, provides that the Secretary of State may issue a retention notice in relation to relevant communications data. Clause 78(9) makes it clear that relevant communications data may be used to do a list of things—I will return to the list—and that internet connection records are included. That definition of internet connection records crops up again in clause 78(9). Therefore, anything within that description, so long as it also complies with the other bits of the subsection, may be retained.

The important point I am trying to make is that it is one thing to say that designated senior officers can only access internet connection records if the preconditions in clause 54(4) are complied with, but it is another, more difficult argument to sustain that only internet connection records that go to the issues of which, why, when, who and location, and so on, are caught within the retention, because the retention is for any internet connection record that comes within the wider definition. It is true to say that clause 78(9) states:

“‘communications data’ means…data which may be used to identify, or assist in identifying, any of the following—the sender or recipient…the time or duration of a communication; the type, method or pattern, or fact, of communication; the telecommunication system…from, to or through which…a communication is…transmitted; or the location”.

But that definition is, by no means, as tight as the definition in clause 54(4), so we are back to the situation of, “Let’s assess what is caught, or retained, and what is later accessed.” The suggestion that what is caught or retained is as tightly constrained as the description that law enforcement favours is wrong: it is a much wider definition of internet connection records.

On web browsing, as members of the Committee will know, the issue of internet connection records is a real concern among the public. When I talk to people about the Bill and the discussion gets to internet connection records, they have a keen interest in just what the Bill can do, because there is real concern about anything that retains the web browsing history of ordinary members of the public. The comms data code of practice has a heading dealing with web browsing and communications data, and it describes uniform resource locators. Paragraph 2.53 sets out the standardised structure of a URL, which is usually what comes up in the bar when one is searching on the internet—that is in the code of practice for a reason, because it potentially comes within the scope of the Bill. Paragraph 2.54 states:

“These elements of a URL are necessary to route a communication to the intended recipient and are therefore communications data.”

To be clear, that means that uniform resource locators come within the definition of communications data. Paragraph 2.54 also states that

“fully qualified domain names provide an indication of the type of content that the server being accessed contains”.

Paragraph 2.55 sets out further information about what

URLs may, but do not always, contain”.

Paragraph 2.57 states:

“An authorisation under Part 3 of the Act”— which is what we are concerned with—

“or retention notice under Part 4”— which I have mentioned—

“may only authorise the acquisition or retention of those elements of a URL which constitute communications data.”

URLs are not excluded: they can come within a retention notice, so long as they constitute communications data. We are in the territory of web browsing history, and we have to tread carefully to ensure that the system is as tight as it is claimed to be.

To get to what constitutes communications data, we have to go to the definitions in the Bill. Clause 225(1) helpfully points out that

“‘systems data’ has the meaning given by subsection (4)”.

Clause 223(5) states:

“‘Communications data’, in relation to a telecommunications operator, telecommunications service or telecommunication system, means entity data or events data which is (or…is capable of being) held or obtained by, or on behalf of, a telecommunications operator”.

The definition goes on to refer to data

“which is available directly from a telecommunication system”.

It is true that the end of clause 223(5) makes clear that it is not about content in its own right, but members of the public, the Labour party and other Opposition parties are concerned that simply excluding content is not a sufficient safeguard. In other words, it may well be that the content and the sub-content of one’s web browsing history are not caught by the provisions, but there may be a route map. This is not a direct analogy, but it is almost a reading list of what people have been looking at. Although it may only give the title of the book, that reading list reveals a great deal about the private lives of individuals, in a way that goes beyond other forms of communications data.

Photo of Robert Buckland Robert Buckland The Solicitor-General 4:15, 14 Ebrill 2016

It is important that we go through this carefully. The shadow Minister talked about browsing history. The full history does not constitute comms data; it is not an ICR for the purposes of this legislation. It is like looking at everything after the forward slash. Let us take the example of a website such as telegraph.co.uk: the fact that a person visited the website may be one thing, but everything after the forward slash—the detail of what the person is doing—is not an internet connection record for the purposes of the Bill.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

I am grateful to the Solicitor General for that reply. The same point was made on Second Reading by the Home Secretary and was also made in Committee, but I have a difficulty with it that is important to put on the record. Where are the words in the Bill that result in what the Solicitor General said? I am concerned, because I cannot see them.

I accept that, when it comes to accessing internet connection records, there is the further test in clause 54(4). At the moment, a constituent might say, “Will my internet connection records and browsing history be kept?” People are concerned about whether there is a record of what they have looked at on the internet. They feel very chilled by that. The Solicitor General says that it goes so far but no further. That is to give people comfort and I understand why it is said. The difficulty I have is finding the precise words in the Bill that give effect to that proposition.

Photo of Robert Buckland Robert Buckland The Solicitor-General

Is not the real question whether the authorities will have access to that history without due process? Therein lies the rub. As I have said to the hon. and learned Gentleman, the full browsing history will not be capable of being accessed without further warrantry.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

I understand the Solicitor General’s point, which is that when it comes to access, there is a further, stricter test. I absolutely understand that and I accept that clause 54(4) is there for a purpose. The question that my constituents and I, and others, want answered is, “What about what is being retained?” There is a chilling feeling if it is being retained. The comfort of the Government saying, “Well, we are keeping everything but we will not look without a stricter test”, is, of course, a comfort, but it is not that much comfort to many concerned individuals.

Photo of John Hayes John Hayes Minister of State (Home Office) (Security)

I support the Solicitor General’s view—I do not want the hon. and learned Gentleman to be caught in a pincer movement by the way. None the less, clause 223(6) is pretty clear, is it not? It mentions anything that

“might reasonably be considered to be the meaning (if any) of the communication”.

That seems very helpful. I know that that clause is in the other part of the Bill but, of course, it relates to the content in exactly the way he describes.

Photo of Keir Starmer Keir Starmer Shadow Minister (Home Office)

I am grateful to the Minister for pointing that out but that was the route that I trod a few days ago when I was preparing my submissions. The problem is that content is given the description that he just set out, but it also says,

“any meaning arising from the fact of the communication or from any data relating to the transmission of the communication is to be disregarded, and (b) anything which is systems data is not content.”

That obviously led me to have a look at what systems data are, for which we have to go to clause 225(4), which states that systems data

“means any data that enables or facilitates, or identifies or describes anything connected with enabling or facilitating, the functioning of…a telecommunication system”.

It is true, and I accept, that an internet connection record does not include content in the form set out in 223(6), but then one gets to systems data, and part of it comes back out again. It would be very helpful if someone were to attempt to describe, by reference to the Bill’s provisions, why it is said that, at the point of retention, the provision does not include web browsing history. That is a question that many people would like answered. I leave that challenge on the table for the Government.

I rose to say that at this late hour and it is a complicated point, but it goes to the heart of the question about ICRs. At the moment, it is being framed in the sense of, “Well, they won’t look at it unless”, but people are genuinely concerned about the retention of their browser history.

Photo of Robert Buckland Robert Buckland The Solicitor-General

As a preface to my remarks, which will have to be succinct, I do not want to stray into the debate on clause 78. I do not want to criticise the hon. and learned Member for Edinburgh South West, but she has made points that will properly be answered when we come to that debate. She is right to raise the point about the Danish experience and, like me, she has read the evidence in the Committees, but there are significant differences between what we are trying to do in the UK and what happened in Denmark. The Danish experience was not a great one. There are significant operational, financial and other differences that mean that the Danish Government are looking carefully and with a great interest at what we are attempting to do in the UK. This is not straightforward and it is not easy, but it is our duty as legislators to get ahead of the curve when it comes to the development of technology and to make sure we are not playing catch-up when it comes to criminals’ increasingly sophisticated use of the digital sphere.

Photo of Joanna Cherry Joanna Cherry Shadow SNP Westminster Group Leader (Justice and Home Affairs)

Setting the Danish experiment to one side, can the Solicitor General tell us why the other “Five Eyes” countries are not requiring operators to retain similar internet connection data? Why are no other western democracies doing that?

Photo of Robert Buckland Robert Buckland The Solicitor-General 4:30, 14 Ebrill 2016

The simple answer is that they know there are technological challenges and that someone must start somewhere. I am proud that the United Kingdom is trying to set the correct example. It may be that the detail is more than we can do and this is why we are having scrutiny and debate—I warmly welcome that—but to suggest that because it is difficult we should not take a lead is a counsel of despair. That is not good enough when it comes to the challenges facing us with the development of technology.

The hon. and learned Member for Holborn and St Pancras asked some proper and detailed questions, and rightly contrasted and compared various parts of the Bill. As lawyers and legislators, we must be careful not to become too prescriptive when defining the technology, which is why the combination of the framework in the Bill and the code of practice to which the hon. and learned Member for Edinburgh South West referred—paragraph 2.63 helpfully sets out what an ICR might consist of—gives sufficient clarity and flexibility operationally to keep pace with developments in technology. We must necessarily be technology neutral and careful when making definitions.

We worked extremely closely with law enforcement agencies about their needs, including the Joint Committee’s work, and they have been clear that the Bill now reflects those needs. Communication service providers have also developed their views in recent months. They confirmed in evidence to the Committee that they understand exactly what they are being asked for. My strong contention is that what we have now is a clear definition of internet connection records and helpful support from the codes of practice.

Let me deal with clause 54 directly. It sets out clearly the four operational purposes for which a designated senior officer may grant an authorisation for a relevant public authority to obtain an internet connection record. All those purposes have been endorsed by the Joint Committee. Importantly, it specifically advanced the fourth purpose in its conclusions. That fourth purpose covers connections that do not disclose a crime or nefarious purpose, but with other material can help to build up a series of evidential leads to the effective detection of crime.

I am grateful for the examples that the Digital-Trust gave to all members of the Committee. Many of us are familiar with the organisation and it is supported by, among others, Harry Fletcher, who was deputy general secretary of the National Association of Probation Officers. His work, with that of others, to combat stalking and harassment is well known to me. I worked closely with him on the draft Bill that became law as the Protection of Freedoms Act 2012, and now on the work that addresses stalking. The trust’s example is powerful. Many stalkers sadly indulge in sending unwanted gifts to their victims. For example, they may habitually order flowers to make the point that they are still there. The victim may not want such gifts, but they are part of the stalking behaviour.

The internet connection record that discloses that someone had gone to a florist is innocuous, but it could be vital lead evidence in building a picture of someone’s stalking and harassing behaviour. That is why the Digital-Trust strongly supports clause 54(4). It can see the operational merit in ensuring that such purposes are included. It is a stark and clear example of the dangers of over-limiting the criteria within which the investigating authorities can act.

The hon. and learned Gentleman is quite right to talk about the concerns we all share about the unwarranted retention of masses of information that would constitute an intrusion into the lives of millions of people. Let us not forget that the Government will not be retaining the information. The information will be at arm’s length from Government. There is a filter system designed not only to screen out but to destroy data that is extraneous to the investigation. Crucially, the full web browsing history does not constitute an internet connection record. It is therefore not covered by the provisions and would have to be subject to the sort of warrantry that Members of this House understand to be necessary to protect the privacy of the people we serve. For those reasons, I strongly commend clause 54 to the Committee.

Question put, That the clause stand part of the Bill.

The Committee divided:

Ayes 10, Noes 2.

Rhif adran 7 Christmas Tree Industry — Power to grant authorisations

Ie: 10 MPs

Na: 2 MPs

Ie: A-Z fesul cyfenw

Na: A-Z fesul cyfenw

Question accordingly agreed to.

Clause 54 ordered to stand part of the Bill.

Clauses 55 to 57 ordered to stand part of the Bill.

Clause 58